automatic module_metadata_base.json update

rapid7 · Dec 5, 2024 · d439a9e · d439a9e
1 parent e8911f9
commit d439a9e
Showing 1 changed file with 58 additions and 0 deletions.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -91596,6 +91596,64 @@
 
     ]
   },
+  "exploit_linux/local/vcenter_sudo_lpe": {
+    "name": "vCenter Sudo Privilege Escalation",
+    "fullname": "exploit/linux/local/vcenter_sudo_lpe",
+    "aliases": [
+
+    ],
+    "rank": 500,
+    "disclosure_date": "2024-06-18",
+    "type": "exploit",
+    "author": [
+      "h00die",
+      "Matei \"Mal\" Badanoiu"
+    ],
+    "description": "VMware vCenter Server < 7.0.3 update R and < 8.0.2 update D\n          contains multiple local privilege escalation vulnerabilities\n          due to misconfiguration of sudo. An authenticated local user\n          with non-administrative privileges may exploit these issues\n          to elevate privileges to root on vCenter Server Appliance.\n\n          Tested against VMware vCenter Server Appliance 8.0.0.10000 20519528",
+    "references": [
+      "URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453",
+      "URL-https://github.com/mbadanoiu/CVE-2024-37081/blob/main/VMware%20vCenter%20-%20CVE-2024-37081.pdf",
+      "CVE-2024-37081"
+    ],
+    "platform": "Linux",
+    "arch": "x86, x64",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Auto"
+    ],
+    "mod_time": "2024-12-04 18:39:43 +0000",
+    "path": "/modules/exploits/linux/local/vcenter_sudo_lpe.rb",
+    "is_install_path": true,
+    "ref_name": "linux/local/vcenter_sudo_lpe",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": true,
+    "actions": [
+
+    ]
+  },
   "exploit_linux/local/vmware_alsa_config": {
     "name": "VMware Workstation ALSA Config File Local Privilege Escalation",
     "fullname": "exploit/linux/local/vmware_alsa_config",